Schneier on Security
A blog covering security and security technology.
« Never Let the Terrorists Know How We're Storing Road Salt |
| Department of Homeland Security Getting a Little too 1984ish »
December 9, 2010
I don't have a lot to say about WikiLeaks, but I do want to make a few points.
1. Encryption isn't the issue here. Of course the cables were encrypted, for transmission. Then they were received and decrypted, and -- so it seems -- put into an archive on SIPRNet, where lots of people had access to them in their unencrypted form.
2. Secrets are only as secure as the least trusted person who knows them. The more people who know a secret, the more likely it is to be made public.
3. I'm not surprised these cables were available to so many people. We know access control is hard, and it's impossible to know beforehand what information people will need to do their jobs. What is surprising is that there weren't any audit logs kept about who accessed all these cables. That seems like a no-brainer.
4. This has little to do with WikiLeaks. WikiLeaks is just a website. The real story is that "least trusted person" who decided to violate his security clearance and make these cables public. In the 1970s, he would have mailed them to a newspaper. Today, he used WikiLeaks. Tomorrow, he will have his choice of a dozen similar websites. If WikiLeaks didn't exist, he could have made them available via BitTorrent.
5. I think the government is learning what the music and movie industries were forced to learn years ago: it's easy to copy and distribute digital files. That's what's different between the 1970s and today. Amassing and releasing that many documents was hard in the paper and photocopier era; it's trivial in the Internet era. And just as the music and movie industries are going to have to change their business models for the Internet era, governments are going to have to change their secrecy models. I don't know what those new models will be, but they will be different.
EDITED TO ADD (12/10): Me in The Economist:
The State Department has learned what the music and film industries learned long ago: that digital files are easy to copy and distribute, says Bruce Schneier, a security expert. Companies are about to make that discovery, too. There will be more leaks, and they will be embarrassing.
Posted on December 9, 2010 at 5:50 AM
• 115 Comments
To receive these entries once a month by e-mail, sign up for the Crypto-Gram Newsletter.
Actually, I find that the interesting thing about the current Wikileaks events is the cat-and-mouse game of moving hosting and DNS around. With all the DOS attacks and counter-attacks, it's a very public playing out of the kind of "cyber-war" we keep being told to expect more of in future.
Thanks Bruce for your voice of sanity.
You had raised a very important point here about audit i.e. who access what at a specific time. The world really need such model of secrecy where movement of everything can be monitored. You are quite right that new model will be different than present model but the question still remain can terrorists be stopped?
Don't you think the first reactions by the administration look very similar to the approach of music recording industry? Pressure, forcing takedown, legal enforcement...
I'm confused by one element of this case. How were these secret documents extracted from the system? I understand that broad access might be required, so they'd have a search interface and the ability to view the information you found on screen. Maybe even the ability to print some pages to take to a meeting, or bookmark documents you found important.
But what classified document management system has a button titled "Export to CSV" (or whatever format)? It baffles the mind.
I'm not convinced that we need an internet that builds in secrecy and identity, or even that it's possible (if that is indeed what you are suggesting).
And the Wikileaks story has nothing whatsoever to do with terrorism.
"The world really need such model of secrecy where movement of everything can be monitored. "
Yeah... I hope you were just unclear with that one.
@Bruce: Audit logs for 3million potential users of a document? That's not counting allied access either. Considering that each document could (and probably would) be accessed by several users several times, factor in the sheer number of these cables (WikiLeaks doesn't have even a tiny percentage of the total) and the audit logs are suddenly useless and probably taking up as much space in the closet (so to speak) as the documents themselves.
In DoS, most of these cables are required reading for large groups of employees, even down to LES in some cases (not NOFORN and up, of course).
I just don't see it.
While options for new models is definitely interesting, the implementation of existing models is just as valid. For example, the trail of access logs would definitely have been eye-opening. There seems yet many more miles to cross as far as implementation is concerned. The technology is out there, we in general just haven't been able to catch up with it yet.
Ari: First of all, I don't think you need to have a button like that in order to do this. Imagine that they have something like a Google appliance hosting the data. It's easy to imagine doing a set of searches for each country name (of which there are about 200) and then iterating through all of the top 1000 results in a script; once results are available in any computer system, extracting them is just a matter of knowing how to run wget.
Second, analysts probably often need to find many of these results, and use the information in them, so at least in that sense, being able to build a collection of these and then do analysis on them locally is a functionality that might be required.
Since there's no indication that this is a 'complete' set or any particular set, this could well just be the ones that were easiest to extract with a 10 minute script or something like that.
I think the big thing is (like Bruce said) the access logging; if you had some sort of audit log, you could just see who had accessed this particular 200k, since no single analyst I can imagine would need access to this broad of a range of things at one time, and you should be able to see based on access patterns who likely touched it.
@ Naveed - No, terrorists cannot be stopped absolutely unless you isolate completely and that's not going to happen. Perhaps its more useful to think about why terrorists exist and why do they so hate? Then it might be possible over time to adapt/change policies to address the systemic causes.
@Bruce "We know that access control is hard, and that it's impossible to know beforehand what information someone will need to do their job. What is surprising is that there wasn't any audit logs kept about who accessed all these cables. "
Special Agent (ret) Ronald Olive would point out this is exactly what happened with Jonathon Pollard. As a intell analyst he kept checking out (manual logs) library material (ts/sci in his case) that had nothing to do with his area of interest. Had anyone did an analysis over time the pattern would be obvious.
I would point out that some AC segregation did work here. Only Secret and Below have been compromised. There's no sign, yet, that ts networks have sprung leaks.
I would point out this is a direct result of "need to share" vs "need to know"
Why else is DoS riding a DoD network?
Especially in light that such logs are extremely doable. IRS has them so does that database that tracks passports; So does NCIC. Why didn't the State cable archive? If their attitude was anything like what I've seen before...well it could be a number of things...
1. Legacy system (and honestly some of those cables pre-date the war in Panama)
2. Wasn't considered an important requirement (or any sort of requirement) the PM and system architect through up their hands, very dramatic, and said "I'd need a system the size of this system just to audit!) and then would scare customer by citing cost, impact to project schedule, project going red. The DoS client does a 'risk assessment' and figures that since only people with clearances can get on the network it's probably safe enough without the expensive security what's'it.
3. It does audit - just no one is dedicated to watching the audit logs and performing labor intensive paterrn recoginition.
Damage control is interesting. OMB has sent out a memo directing federal agencies to direct their staff and contractors to stay away from the cables. So the only people with the clearances sufficient to view the stuff...are the only ones on the planet who can't.
I wonder if it was certified and accreditated?
I think a better analog is the corporate trade secret, especially Apple.
Apple used to release it's prototypes to a lot of people to review / work out issues with, but then people started leaking the details of the devices to the point where Apple had to associate a cost of secrecy to it's prototypes.
Now they have to delicately weigh the cost of wide testing with the potential for a damaging leak; something they are still trying to perfect, especially with the iPhone 4, where the external antena exhibits undesired problems in some cases; something they probably could have caught if they had used more extensive field testing.
The US government appears to be getting a 21st century lesson in the cost of sharing secrets; something it's experienced in the past with the Pentagon Papers, but to a much lesser extent as you pointed out.
Where we decide to draw the line will be interesting.
If the intel is so worthy of protection that it must not be leaked, then it's of little value as intel because no one will get to see it. If on the other hand the risk of exposure is limited, it's probably not much of a secret.
This is what I see Wikileaks doing here; associating a cost with sharing secrets. All told this is probably a very good thing, and as you suggested it surely can't be stopped by shutting down a website or jailing one individual.
government (better: people working in that subculture) have to learn, that they have to work on behalf of the people and on behalf of some people.
People have good reasons to be disappointed about the way decisions are made (I have an European view).
But what concerns me a lot is that I don't hear anybody (or not many) doing something against pulling the plug of the WikiLeaks website.
What if WikiLeaks would not be a website, but a news paper? Or it would've not been an US company putting it off line, but 'the Chinese'?
that's the so called 'free world' and a lawless internet (sorry: 'cyber space').
"The war on WikiLeaks should not be allowed to camouflage government incompetence"
In response to Toby Speight - Wikileaks is, from the US authorities' perspective, conducting what amounts to a hostile propaganda/psychological operation. It presents them with an interesting (for us, at least) challenge.
Unfortunately for Assange, he decided to exploit the publicity opportunity he was presented with, instead of simply disseminating the files anonymously by P2P networks or something like Freenet. As a result, he presented both himself and Wikileaks as a target.
Denying the enemy a base or safe haven from which to operate is standard military doctrine (and lay at the core of the US response to the 9/11 attacks), as is attacking their supply lines.
'...that they have to work on behalf of the people and NOT on behalf of some people.' of course.
The "SIPRNet" isn't a Google-like network where everything is indexed or accessible by everyone.
Those cables were downloaded and leaked by someone who worked with them and had access to the data every single day. You can't just stumble across that kind of stuff.
User training and a strict punishment system under UCMJ or court martials is the best way to keep active duty folks with that kind of access from doing things like this. Civilians would be tried even more harshly, I believe.
By the way, directing staff and contractors to stay away from the cables is to keep them from getting in trouble. Any government employee that knowingly accesses classified information on an unclass system is subject to prosecution. This includes their personal computers. They have an obligation to safeguard that information and just because it's been uploaded to an unclass system doesn't automatically de-classify the information.
So my question is "Why wouldn't a properly implemented Enterprise Digital Rights Management application have made this breach more difficult to pull off?"
The most interesting part on Assange for me is that the by Assange himself described tactic of wikileaks is close to terrorism.
As terrorism wants to ruin an economy by producing higher costs for counterterrorism, Assange wants to ruin conspiracys by driving their communications costs up. He thinks that their fear of leaks will lead to higher costs and in the end will lead to their downfall.
And he does this all without killing/bombing! just wow.
Welcome to iWar One.
"May you live in interesting times."
I see another lesson here for security admins in the trenches. I have noticed a general tendency to overstate the risks posed by, and push draconian measures against, what everybody else is doing while neglecting one's own due dilligence in the tasks we have direct control over.
The security state here in the US is worried about Google Street View taking pictures of military bases from public property, but seems by many accounts to not be paying terribly close attention to who has access to these cables.
Physician, heal thyself!
@Bruce "Amassing and releasing that many documents was hard in the paper and photocopier era; it's trivial in the Internet era. "
Disemination costs go down leak risk goes up? Or just the Impact cost.
cf: Ellsberg's Pentagon Papers Memoir . He and his team spent a LONG time making copies of a very large report.
Full acknowledge, what you said about the newspaper/internet thing.
Bruce, although I largely agree with you, there's a couple of points to consider. First, unlike the music and film industries, governments really can put you in prison for the rest of your life for copying their files - and probably will, to someone.
Second, governments already know how easy is it to copy digital files, which is why computers which have high-level secrets on them aren't connected to any public network, and don't have any ports on them. Your best hope of getting files off them is photographing the screen - not so different from the old paper era!
The issue isn't that "secret" material (which is about five levels under actual, proper secret material) was available to a wide range of people.
It's that some material was wrongly put in this category. Some should have been top secret; other bits should have only been classified. And, of course, some people who shouldn't have had secret clearance got it. It's a physical problem, not a digital one.
@fbm: "By the way, directing staff and contractors to stay away from the cables is to keep them from getting in trouble. Any government employee ..."
I disagree. All this does is allow someone to plant the documents on a targeted person's PC and leak said "fact" to the authorities. That person is ruined.
It seems to me that the problem would be non existent if they confined the label of "classified" to information that was actually current and worthy of protection.
If every time a general scratches his ass, they declare it as "top secret," as they have done here, the body of information of course grows beyond their means to protect it.
It Alex's Apple example above, the one thing he forgot to mention is that eventually the release no longer needs to be secret. That is the body of information requiring protection is leaving the "classified" are as quickly as it is coming in.
@Ian Betteridge "some people who shouldn't have had secret clearance got it."
Well that's the trick isn't it.
The young have an easier time with background investigations cause they need it in order to do their job and don't have a lot of time to go into debt, marry a Russian bride, or make other mistakes.
Trust your communications, trust your people, trust your application,(trust is developed through testing)..., detect when they fail and respond to the incident.
@Rich-: I think you meant "iWar 1.0"
The situation this most reminds me of is the hostile takeover of Digital Equipment Corporation by Compaq. Think about it.
Intel stole trade secrets from DEC (the Alpha/Pentium/divide by zero fiasco). But by the time DEC figured it out, Intel and Compaq had profited immensely from the theft, and DEC was too dependent on Compaq for survival to sue. So Compaq bought them out. Then HP absorbed Compaq. Now there's a very small subset of people who even remember the actual wrongdoing. Certainly in the eyes of the general public, Intel, Compaq & HP are not seen as bad companies; while DEC is just a distant memory.
The system works.
Out of all the people in all the countries who have been able to review and remove secrets, only a few make them public or sell them to the "bad guys". (Or at least we only know of the few who got caught?).
Right now, I could guess that 10,000 people look at spooky stuff every day.
This one guy Manning (allegedly) is the Black Swan (Taleb's book). It's just that in the modern era, a Black Swan's ROI is infinite.
"WikiLeaks is just a website."
A lot of people could provide the technical value of wikileaks, but they don't. Most people could not put documents on bittorrent by themselves. Most people who could would be caught. Manning was caught, but wikileaks looks like it did a good job protecting his identity. Of course, with access logs, he would have been caught anyway.
I too have doubts as to the usefulness of audit logs; firstly as they do nothing to prevent the removal of data, and secondly as they too may be hacked just as this data was (either to hide that it has been viewed, or to make out that someone has read it who actually hasn't).
@Christian - "Assange wants to ruin conspiracys by driving their communications costs up."
That bears repeating as it truly does appear to be Assange's end game and something that the press seems wholly incapable of reporting on. As proof, see these essays by Assange on the topic
The problem with audit logs is what actually goes in them is not what people think goes in them.
That is the log says time X entity Y accessed resource Z.
The simple fact is none of it is true.
The time X is derived from a time resource that is available to the data source or logging resource. Often there is little security involved with this time source.
The entity Y is not an entity or part of an entity but a terminal or other system that has authenticated to the data source, usually using some kind of credential, BUT the credential is not a person, and it does not say that it is any particular person using the credential on the terminal or that only one person is party to the data served to the terminal. Nor can the entity/person have any certainty that they alone are seeing the data.
The resource Z is not of necesity what the data source thinks it is as it has no notion of what the data it is sourcing from a given location represents just that it came from some storage location it has access to but almost certainly does not control.
Encryption can only mitigate some of these issues partialy at best. Likewise authentigation can only mitigate some of these issues.
This is actually a very very hard problem to solve at many many layers and some of the issues are purely human and cannot be solved by technological solutions
1. Dead right; encryption just isn't in this picture.
2. Very well put; however the proviso can be added, that a person can only contain so much stuff in their head, and getting it in and out again limits bandwidth. A mass-exfiltration of data on the kind of scale observed, couldn't happen without attendant failure of process and inadequate technical lock-down.
3. This is the first I've seen about the absence of audit logs, and I'm astonished. You're right about the difficulty of access control, and I can't see this element of the discussion ever being decided to everyone's agreement.
4. On the contrary; I think this has a lot to do with WikiLeaks. A couple of years ago (and slightly less so, these days), there was a rash of Government information with "interesting associated protective markings" found around the UK where it had been accidentally left, either on paper or as cleartext on USB sticks. It also happened only the other day, with ex-NASA laptops turning up with their had dire contents intact.
The point here, is that the data was handed, variously, to the BBC and other bodies of the Press - and they *didn't* publish it.
Granted, they made some column inches of commentary regarding how dreadful it was that data associated with (broad-brush categorisation and description) could have escaped from (organisations considered to be the data's rightful custodians), but that was it; the data was then returned to its owners, sometimes following advice from the police.
Such are the actions of a responsible publisher, when presented with such data. WikiLeaks is not behaving as a responsible publisher, and while, if he'd been the editor of a UK newspaper which published verbatim quotes from the most sensitive documents in the corpus received, Julian Assange would most certainly have been arrested for breach of the Official Secrets Act, among others.
Assange's rape charges aside, WikiLeaks is merely reaping the same whirlwind which would land upon any irresponsible publisher; it's just that when data is mobile across national boundaries, applying corrective measures is harder.
5. I think he discussion associated with secrecy models will run and run, given the balance which has to be achieved between need-to-know granularity and the ability to act on issues arising, in a timely fashion. One thing I suspect will be likely to change most swiftly, is the Codes of Connection to these networks, and the level of auditing - along with the addition of heuristic and rule-based audit log mining. The audit logging and analysis environments will, by nature, need to be pretty huge...
Also, I was stuck by Simon Phipps' comment (Twitter I think, but cited by Tim Bray) that the publication of this data was "a sociopathic act".
Assuming that the data really is from SIPRNET and is therefore handled as SECRET, that translates into Impact Level 5 in UK-speak. From an UNCLASSIFIED extract of the document which defines what this means to us Brits (just type "Impact Level 5" into your favourite search engine), and you get unauthorised disclosure of Defence and Intelligence data having the following consequences:
* Impact on life and safety: Threaten life directly leading to limited loss of life
* Impact on political stability: Threaten directly the internal political stability of the UK or friendly countries
* Impact on military operations: Cause severe damage to the operational effectiveness or security of UK or allied forces (e.g. compromise of the operational plans of units of company size or below in a theatre of military operations)
* Impact on foreign relations: Raise international tension, or seriously damage relations with friendly governments
* Impact on international trade negotiations: Disadvantage the UK in international negotiations (e.g. advance compromise of UK negotiation strategy or acceptable outcomes, in the context of a bilateral trade dispute)
Impact on intelligence operations: Halt unique intelligence operations in support of intelligence requirements at JIC Priority Two, or damage unique intelligence operations in support of intelligence requirements at JIC Priority One. Cause damage to UK or allied intelligence capability
In short, that's pretty sociopathic, to my eyes.
Let's all remember that, as far as we know, Bradley Manning was only caught because Adrian Lamo turned him in after an online chat where Manning admitted being the leaker. So it could be the government had no leads on the leak before that point.
The problem is government clearly didn't monitor data leakage from SIPRNET. Yes Wikileaks is not guilty, yes encryption doesn't make a difference, but allowing gigabytes of data to be copied and leave the network -- whoever managed security for SIPRNET clearly failed.
Rather than audit access to files, audit access to external media. R/W privileges should be controlled and auditing of media access, especially write actions, would flag users who may be violating policy. When I was active duty we looked at several products that tied in to Active Directory and effectively controlled external media access. Cost is high, but less than current damage control. Lesson learned.
Walker: Being very idealistic and willing to cause severe harm to work toward your ideals, even if very wrong and misguided, is not sociopathic. Did you even read the sociopaths thread the other day?
@Tim " may be hacked just..."
'spose if, may be, could be, but didn't.
Insiders are users without access to the audit record (if the system is configured as NIST says it should be). Yes they can be an evil SA but mostly they are users.
Just on the fact that SA's are fewer in number.
It would have to be a hack...this wasn't a hack. They didn't need to hack.
Just asked the system for the data and it gave it up.
Pollard didn't need to burn the NIS library logs. That's not what caught him. It just made the damage assessment and his behavior clear.
If the audit record isn't reviewed then they don't have to modify them do they?
Most of the recent harvest on Wikileaks has been characterized as "The Pope is Catholic" revelations. And I can only agree.
We had a recent spate of journalists rolling eyes about of about those "secret vulnerable" target sites for terrorists so irresponsibly leaked: It was our biggest harbor and the places where transatlantic cables landed. I could have given them those places if they would have asked.
But it is nice to see confirmed that the US government confirms that Al Qaida is funded by Saudis. I think US voters should be aware of that.
The biggest issue in this is that most people don't have a good understanding of the systems involved, their vulnerabilities, and why the Gov has set them up the way it has...
On systems, understand that there are many Government networks. There's:
- NIPR-Net [Unclassified Network]
- SIPR-Net [Secret-NoForn Network]
- JWICS ["Joint Worldwide Intelligence Communications System"] [TopSecret-SCI-NoForn Network]
- NSA-Net [TopSecret-SCI-NoForn Network]
- CENTRIXS ["Combined Enterprise Regional Information Exchange System" -- Multiple versions, depending upon particular coalition group using] [Secret-Rel Network]
- Stone Ghost [Used with ACGU -- "Four Eyes" -- Austrailia, Canada, Great Britain, U.S.] [TopSecret-SCI-Rel Network]
- And more...
From this alone you should be able to see that tracking all the necessary information accesses across all those systems is a daunting task. Further, on active duty, there is a deliberate push to make SIPR be the "C2" [Command and Control] network due to its ubiquity, meaning that there is a deliberate push to get things on higher classification networks put on SIPR for availability whenever possible.
This is where things start getting really tricky, though, because one of the major problems of the past has been the lack of data sharing amongst analysts. To combat that, several systems were created, of which the best known are MPS [Message Processing System] and M3 [Multimedia Message Manager], both available on SIPR and JWICS. Both offered the ability to collate reports from multiple different sources, including [until the State Department pulled it due to this WikiLeaks incident] U.S. Embassy cables.
In the rush to solve the problem of a lack of data sharing, however, they created a vulnerability in the opposite direction, because the various collaboration systems [including MPS/M3] do not filter out data based on content/category/keywords or anything else except classification level. [M3, which has one of the widest collections of reports, does require you to get an account, however.]
So, I hope this gives a bit more insight into the problems faced in securing the networks against the lone wolf activists [no matter what you think of those activists]. This is about as detailed as I can go without it becoming a classified discussion.
As for Bradley Manning, the method he admitted to for getting classified data out was to have a CD labeled as a Lady GaGa disc, which was actually blank. He then burned information to the disc while pretending to sing to the supposed songs on it [complete with wearing headphones according to some reports].
There was little defense against this type of bypass, as CDs were the main method of porting information between networks when you needed to. This has been the case ever since the response to the Agent.btz attack in late 2008, after which all military computers had the ability to connect flash drives or portable hard drives without admin access disabled. Now they're restricting the ability to burn CDs in the same manner.
I wonder if the person who leaked the documents would have done so if he thought there was a higher probability he would be caught by internal department controls? The US State Department was showing signs of possible problems pre-Wikileaks (http://blog.sharpesecurity.com/2010/12/04/thoughts-around-wikileaks-cablegate-and-internal-state-department-security/), so some folks might have felt they could get away with the theft.
@sharpesecurity "would have done so if he thought there was a higher probability he would be caught by internal department controls?"
Deterence. Does Deterence work?
Only if those controls generate an immediate effective response...like you browse a pr0n site and generate a visit from the security manager, your HR rep, a meeting with the three of you your COTR and the diversity council.
Yes; in the Walter Matthau movie "Hopscotch", a former "company man" travels the countryside of Europe, mailing stories of dirty tricks perpetrated by the United States, against its allies, to the leaders of those countries.
WikiLeaks just sped the process up, and made that information available to everybody in the world with an Internet connection.
Hey Dave Walker
"Impact on life and safety: Threaten life directly leading to limited loss of life"
There is no credible evidence that anyone has been put in danger or injured by the wikileaks release (except maybe mr. assange).
Freedom, free press, free speech, honesty, transparency, democracy - these things have to go together for any one of them to work,...
We *know* that the USA is *not* the only example of "bad actor" out there but, I believe, only the USA has people who are willing to exercise what they think is their conscience (often enough misguided since many of the leaks have had _tactical_ value given currency) to expose what they see as "wrongful" actions... or words.
So why is it the USA that is most embarassed?
I think what people need to realize is that, in the USA at least, there are people who are *not* mindless drones.
This whole act playing out is, to my eye, just another front on the War Against Non-Conformists since the backlash is intended to have a chilling effect against whistleblowers.
Without a mechanism like WikiLeaks...
... who watches the watchers?
Ah finally out of 45 comments, one that nails the core of the issue:
"It's that some material was wrongly put in this category. "
The real issue with securing documents has little to do with the security of its systems. It has to do with the legitimacy of its processes.
Any time someone is entrusted to safeguard secrets, there must be a legitimate reason for them to abide by that mission, one that isn't simply the fear of prosecution.
The core idea behind keeping secrets for your government has always been the respect of that government's mandate, the recognition that in a democracy, some things need to be kept secret while by default everything else doesn't need to be.
But with a classification system in 'default' mode where simple innocuous documents never get declassified, the mandate starts looking more and more like one of a supremacy, not a democracy. When that happens, security clearances no longer characterize people by their allegiance to the government of the people for the people, but rather by their allegiance to the government of the secret for the secret.
That system is just as viable in itself, look at China, however, anyone cleared in the old system might have serious issues with his mandate for protecting secrets in the new system.
Therefore, I believe the person who leaked this information is not likely to be one hot headed young dude who wants to be in the spotlight, but rather some older disgruntled systems admin.
If you have any doubt about this, how many of you think the government might open a file on me because of this post ?
And ask yourself why.
I keep on seeing the number '3 million' floating around, but I'm not quite sure.
The active military for the U.S. (if I can trust Wikipedia to have at least 2 sig-digits of precision) contains 1.5 million soldiers and 580000 civilian employees, 830000 reservists, and 97000 other 'DOD Personnel'.
I assume for the sake of argument that only a subset of these people are tasked with the job of reviewing SIPR data and presenting important portions to local commanding officers. Thus, the number of active-duty military people with authorized access should be less than 1000000 (million), and may be less than 100000 (hundred thousand).
I do not know the size of the Dept. of State, but the same rule applies. Not all employees of the Dept. of State have authorized access to the data that ends up on SIPR.
While '3 million' makes a great catchphrase, I can't reconcile it with the data available.
All of Bruce's comments still apply, but with the caution that it the leaker may be one person in 50000 or one person in 100000, rather than 1 in 3000000.
'I think you meant "iWar 1.0"'
When we start "iWar 2.0"?
Another security angle: botnets have (allegedly) entered the picture.
"The security analysts have an interview with one such cowboy [from Anonymous], who is herding a claimed 1,300-machine botnet, who added that a friend of his also contributes a 30,000-strong zombie herd. This individual said he had built up his net by distributing malware via torrents, and that thus far he had not profited personally from it – but that he intended to make money from botnets in future."
Everyone seems to be buying into one fundamental assumption: that diplomacy is based on lies, always has been and must always be so forever and ever. I guess this is why we need so many diplomats -- they need to tailor each and every individual lie to suit the situation.
Perhaps this is the level of rethinking we need, and which all this discussion of security is so carefully dancing around.
You are right that the data being released to the public does not declassify it. What does not allowing government employees to access information on wikileaks (it seems this was implied by your comment) actually accomplish? Are you saying the US government has more to hide from its employees than foreign governments?
@JD Bertron "the core of the issue"
Is not the government's over-use of classification. Though that is an issue.
And you're on target in my opinion when you say "legitimacy of its processes". For legitimacy I use the word integrity or trust.
"legitimate reason for them to abide by that mission, one that isn't simply the fear of prosecution."
That sense of mission is the most useful since it internalizes a lot of controls.
I use a rule of thirds.
1/3 of people are right-actors. They understand the reason they are doing things and through their own analysis of the situation/mission/ethical conundrum choose the right course of action.
1/3 are Go-alongs Get-alongs because it's the written rule and they want to do their duties as assigned they do.
1/3 are Refusniks who think they know better than everyone else (Pollard), think the rules don't apply to them (high government officials) or just don't care (these are usually network administrators, project managers). Some times they are very smart, often they are very smart in only one area.
Now we can argue about actual proportion (i don't believe 1/3 of any given sample population are refusniks; the majority of people are likely Go-Alongs). But The goal of an IT security personnel training program becomes: reduce the number of meat-head refusniks through prompt and appropriate sanction (detect and correct) By applying fear of prosecution or deterence some can be driven to comply and become a, if reluctant, go-along (or eliminated from the work pool all together). The Go-alongs can be trained to be right-actors over time if you're willing to make the investment. But if you're limitation is - "make the go-alongs a right-actor in a once-a-year 20 minute web cbt because this is a fixed price contract and I'm not paying for what the customer won't be billed for"...
And this is why the human part of the system will fail. No sense of mission.
This is why using contractors for essential government services is a dangerous canard. An organization like the military takes months their time and money to indoctrinate new recruits. Months of round the clock intense reEducation in social situations isolated from other forms of thinking. My Basic training experience was documented in Thought Reform and the Psychology of Totalism, only no hitting. What was your last on-boarding like. "Here's you're cube, here's a company handbook, start coding! we're burning money on you." Most of us spend more time on our benifits
What are contractors? People who are working only for money. They aren't even loyal to the company hiring them since at the end of a contract they just re-badge to whatever new company wins the contract. There's a word for that...what's the word for someone with no loyalty to the organization and works only for money? Is it a person you should trust?
You are right that the data being released to the public does not declassify it.
Does that then make regular citizens reading the material guilty of reading classified material?
@ Dave Walker
Actually, it's far from sociopathic. Wikileaks has offered the US government a chance to help them identify dangerous portions they have no need to publicize. US Govt's ego ensures they always turn them down.
The bigger issue is that the information often isn't what you describe. A lot of it is boring and far from damaging, meaning it's overclassified. Much of what Wikileaks has released is information that contradicts what governments are telling their people, constituting fraud (or treason, depending on viewpoint). In the US, it's illegal to protect crimes, conspiracies, or selfish political actions via classification. However, it's also illegal to publish such classified information to prove they did it. Catch 22. How is the responsible, law-abiding citizen going to handle this? They can't.
The US govt has been using its power and secrecy in a very abusive way for the past few decades. Groups like Wikileaks are the balance that gives the people a chance to influence these things. How can you ensure a just and open government process if you don't know whats going on? A: You can't. With Wikileaks, maybe we can.
From reading non-US media, there is much more criticism of the US for its reaction to wikileaks than from the content of the leaked cables. Many say the leaked cables actually show the US in a good light
It's far from clear the Assange has broken any US laws.
wikileaks ability to keep running - mirror web sites, lots of nameservers, etc., is interesting.
Hacking web sites of wikileaks' enemies is mildly amusing. The anonymous hackers are much more successful and blocking these web sites than anyone is doing of blocking wikileaks
Thanks for the feedback, folks - an appropriate deduction is, therefore, that this data shouldn't have been on SIPRNET, but somewhere else (I assume there'll be something appropriate between SIPRNET and NIPRNET, in sensitivity).
So, I agree that much of the WikiLeaks data we know about, shouldn't have been where it was.
WikiLeaks are still the far side of the edge dividing responsible from irresponsible publication, in my mind, though. I'd like to see a light shone properly on their motivation in all this.
I wonder when they'll learn to make really secret data less transportable.
Even paper is a lot easier to secure than something that can just be copied en masse off of the computer.
From my limited experience with US classified networks, I believe that State only uses SIPRNET to disseminated the cables broadly because that network is cleared for up to SECRET/NOFORN, which some cables are. This is a common clearance level especially among military personnel and supports the goal of sharing information throughout the government.
The real issue is what Just Me identified- the fact that there were wishes and sometimes orders to move data between networks using CDs or flash drives. That is a gaping hole to be exploited by those who wish to leak classified info. In contrast, the SIPRNET terminal I once used had no CD drive and the USB ports were disabled in drivers.
Re: Audit logs. They can be brilliantly good. A great backup to access control measures (how many times have we laughed that someone discovered the theft days, weeks, years later?)
But even when not hacked, they are prone to bugs as well as any other software. And because they are a black box to most, they fail to get thought of carefully enough.
There are many cases, but my new favorite is a team at a large corporate HQ who ALL got into trouble for looking at porn on their work computers. Like 40 people. Even the girls. And all have identical taste in porn. Identical. Same sites, same order, same time.
It took HR /months/ to decide this was clearly a data error, and clear everyone. Why? See above. Faith, misunderstanding, etc.
The outrage must be directed at the government for failing to protect sensitive information. Assange appears to be a sociopath who shows no remorse about risking other people's lives, but anyone, especially people like Assange, can broadcast this information, and it is impossible to stop them.
Another impossible to-stop mode of transmission not mentioned above is over a Tor Hidden Service [http://bit.ly/f36jla], which Wikileaks is already using [http://bit.ly/bLfSwk].
Perhaps this will be iWar 2.0—a DoS attack against an anonymous server encrypted over the Tor network.
Encryption might still come into play in form of the insurance.aes256 file. I think it's interesting how it's used as a device in leaking rather than restricting information here...
> "Assange appears to be a sociopath who shows no remorse about risking other people's lives"
There have been no documented cases of WikiLeaks information causing harm to anyone. If there were, don't you think the US would be after him for that? Instead there is Interpol and Scotland Yard arresting him for breaking a condom.
If the authorities are interested in pursuing sex crimes, they should be going after these guys: US-funded private military contractors who organized sex parties for Afghan police recruits, in which young victims were procured. WikiLeaks revealed discussions between US embassy and Afghan authorities on how to minimize PR damage. The storyline discussed was that journalists covering this were "endangering lives".
The UK Guardian published the cable: http://www.guardian.co.uk/world/...
Rather than laud Assange as a hero, there are those who are openly calling for his assassination:
Is this Bizzaro world or what?
I've heard at least one call for his assassination from someone who thinks the cable leak is such a good idea, they'd like to see what's in the insurance file.
Then again, there's the little matter of someone who is already in prison over the leak:
Getting back at WikiLeaks is just a classic case of "shooting the messenger" and will have about the same results.
To date, I still haven't read any "Cablegate" material that actually qualifies for Impact Level 5 as described by Dave. Berlusconi "vane and incompetent". Gasp ! Saoudi Arabia the biggest source of terrorist funding. Hardly a shocker. Nukes stored at Kleine Brogel airbase in Belgium. That's been a public secret for decades. I think most of us will indeed agree that a large part of these documents were overclassified, and for reasons touched upon by several other comments.
Sofar, they have merely proven a huge source of embarassment to the US government and the parties mentioned therein. Perhaps with the exception of Mr. Putin, called an "alpha dog". I guess it would have been a much bigger surprise would the document have revealed him as a raving homosexual performing regular weekend shows at a shady transvestite bar in Moscow.
Irrespective of Julian Assange's motives and the way the US government and other entities are reacting, the essence of the matter remains that a serious security breach has occured at a US government network containing classified information. As Bruce is correctly pointing out, the primary conclusion can only be that its access and audit control system has failed big time, and is up for a thorough review, if not rebuild.
The only point I can add to that is that this failure may not only be the result of inadequate implementation of RBAC and audit control, but also a logical consequence of the simple fact that the more people have access to information, the more likely it will become that this information will leak.
What i wonder is, if this guy can take all this material and release it into the public domain via wikileaks out of however misguided a notion of responsibility to some higher cause, what's to have kept somebody with less public and selfless aspirations from selling them to some agency with more furtive and outright hostile intent? I wonder if the outrage expressed by the government isn't both a smokescreen, to keep people from wondering about that (ongoing) possibility, and a disingenuous disclamation of what seem to be mostly forthright and fairly above board proceedings that these documents "reveal", since with this level of expressed indignation we might be left to conclude that this is the murkiest stuff that might have been brought to light, and it's really not all that damaging-looking, so maybe both the public and any other prior unacknowledged possessors of this material can collectively shrug and dismiss the value of trying to get at any more well-guarded stuff
If not, then at least the public is as well-informed now as the enemies of our state might plausibly have been previously
Not that i'm siding with wikileaks and its amoral mission of disclosure at any cost
"Rather than laud Assange as a hero, there are those who are openly calling for his assassination"
One of which is I believe from what has been reported a Republican Presedential hopeful.
Which is a sad indictment of the American psyche when you consider as you say,
"There have been no documented cases of WikiLeaks information causing harm to anyone. If there were, don't you think the US would be after him for that?"
But it was "OK" for a Senior Republican Politico to "out" a CIA operative simply because the operatives spouse was pointing out that the claims the Politico was making where False and Misleading to the US People (and thus fradulant as well).
I have no idea how the leaker got access to all the required files BUT I would not immediately assume that they actually directly accessed the files themselves!
Think about how much easier it would be to snoop on the RFI emissions of others around you, who were legitimately accessing files for their respective jobs.
No logging system will catch, RF emissions snooping, and you only need to carry out a small Flash chip every so often. I could easily modify a laptop or a cell phone to have a suitable RF receiver embedded, it wouldn't even look suspicious if you found it on the secure premises.
Adding something as simple as a non-linear inductor choke to a 100baseTconnection can make the signals very easy to receive, but it would be almost impossible to detect. Even if someone found it they would think it was a common mode choke, intentionally added to eliminate some observed interference.
BTW: it is not unusual to see external common mode chokes installed incorrectly.
With a bad choke installation you can cause differential signal delay (rise fall mismatch), which amplifies RF emissions, especially if the distance to a line termination is intentionally tuned to the choke differential delay. look up antenna VSWR tuning.
last point: Regarding the Rape claim, How dumb is this guy not to spot a CIA honeypot from a mile away? I mean give me a break, this was so ***** obvious.
@ Dirk Praet,
"Perhaps with the exception of Mr Putin, called an "alpha dog". guess it would have been a much bigger surprise would the document have revealed him as a raving homosexual performing regular weekend shows at a shady regular weekend shows at a shady transvestite bar in Moscow"
Would Sir like a little Polonium210 sauce with his Sushi?
With regards both RBAC and auditing thay both fail for many reasons but the main human ones as always,
1, Grant to much privilege.
2, Don't revoke privilege when nolonger required.
3, Assume the higher the hierarchical position the higher the required privilege.
4, Don't respond to change.
5, Don't respond in a timely manner.
6, Don't audit.
7, Don't set up "trip wires" or other alarms.
8, Don't investigate unexpected access.
And the list goes on...
In light of these rampant third party attacks, I am not sure the public was ready for what Wikileaks provided. But I agree with you, Assange and Wikileaks were not the inciting problem. Insider threat, as we all know, nullifies any reasonable trust model and is a difficult hole to plug.
1) you just stumble upon things on SIPRnet and beyond. It happens everyday in thousands of secure office space across the country when people are on their lunch breaks.
2) Auditing on government networks is a joke. NIPR and a few other networks (not SIPR) do an OK job with it due to the use of PKI but SIPR in 99% of places does not have a PKI framework in place.
3) Polygraphs. While they have never, to my knowledge, caught a spy they are useful. Everyone with access to information that is classified should be poly-ed on a regular basis. Unfortuantely this is the the case for access to SIPR. All one needs is a need-to-know (which is never really questioned these days in the world of "responsibility to share") and a national agency check.
4) Manning should be tried for treason and put to death. He had a sworn duty that he violated.
5) Tip of the iceberg. I am certain more stuff will follow unless Manning is severely dealt with. PEDs, NIPR colocated with classified networks, etc. make for recipes for disaster.
6) Someone mentioned SIPRnet not having CD drives, USB, etc...was it the 1980s? Have you been in a secure office recently?
7) Too many people, much more than needed, have access to sensitive data in the US.
Bruce - for some reason you haven't mentioned them, but there *are* technical solutions to at least mitigate the risk (nothing ever gives you 100% protection). DRM immediately comes to mind, or even simple port blocking software in this case. I find it very surprising that the military and the state department are not using such solutions. The latest news about restricting USB drives (they weren't restricted before??) is further proof that there are no adequate protections in place.
I intimately know many government agencies, phama/biotech companies, financial firms and others that are using my company's solution (WatchDox) to protect documents from such leaks. I'd expect the US government and state department to place at least as much importance on this issue.
Posted by: theadem at December 10, 2010 1:35 AM
4) Manning should be tried for treason and put to death. He had a sworn duty that he violated.
Well it's a good thing a person like you has absolutely no power over anyone/anything.
What good is an oath when the people you have sworn to protect have betrayed you? Manning should not be tried for treason.
3. Polygraphs are useless because the false positive rate is incredibly high.
4. Since I dont believe that the state should have a right to murder people I disagree.
And last but not least the US should stop acting like the world is a playground. Its no wonder the US is facing war and bankruptcy when its foreing politics are so severely narcissistic.
What´s jurisdiction role at this story??
Are wikileaks members ans website tied to country restrictions or law in particular?
"While '3 million' makes a great catchphrase, I can't reconcile it with the data available."
One direction to look- I remember reading an article in the washington post about the emerging post-9/11 shadow business of contract companies (i.e. defense contractors etc) who's employees have jockeyed for higher security clearance. I think this 3 million figure includes these contract employees who have managed to obtain the necessary status. This does not imply, however, that all 3 million people have access to SIPRNET.
Here's the series of articles that cover this: http://projects.washingtonpost.com/...
Interesting point you make. On top of everything else, Assange could get himself sued by intelligence agencies all over the world for unfair competition, profiling himself as the open source-guy of the espionage community. Just imagine the looks on their faces having spent huge resources and big money to get hold of these data only to find them published for free by an idealist on a mission.
I think 2 should read:
2. Secrets are only as secure as the least trustworthy person who knows them. The more people who know a secret, the more likely it is to be made public.
Since the most trusted person, may in fact be the least trustworthy.
"Secrets are only as secure as the least trusted person who knows them. The more people who know a secret, the more likely it is to be made public."
Is there an equation that models this?
In the early 1980's, I wrote the auditing software for one of IRS' largest systems. It is still being used. It processes up to 500 transactions per second, and every time a person presses the "Enter" key, and audit item is written without fail.
How did this system last so long? through intelligent design (yes, the pun is intended). If someone executes a transaction that is many thousands of words long, we do not log the whole thing. We log just enough data to reconstruct the event. Basically, "who did what to which record".
The folks at IRS receive reports of employee activity for the day just ended -- AND THEY READ THEM.
From time to time you may hear of an errant IRS employee doing something wrong. That must be the fact of life for an organization that employs over 100,000 people. But you hear about the bad apples because we DO catch them. Usually the very next day.
At IRS, we aren't NASA, but neither is auditing rocket science.
Wikileaks is part of a progressive movement from the left. To down, bottom up and inside out.
"Perhaps this is the level of rethinking we need, and which all this discussion of security is so carefully dancing around."
That's so right on it's not funny! As someone who worked in "the community" decades ago, none of this was the least bit surprising to me. Nor do I think any of it was particularly damaging to us, even in the short run. The ridiculous overreaction (learned from TSA?) is and will continue to do more harm.
I think it was the threat on the bank leaks that really triggered all the response. Because anyone with a brain will know it will lead well beyond banks into the government, and having their pants pulled down over that -- with names, times and in the perps own words, is really scary to them.
We've all had this uneasy feeling of complicity, but putting it in black and white, with no need to "investigate" till the problem is forgotten, but real jail time without needing an incompetent enforcement system to do plea bargains so some go free and the truth is never really known (Enron)...that's another story.
Mere government hasn't stopped wikileaks and indeed made them useful and even possible.
But now they're attempting to take on the owners of mere government. That's actually dangerous.
MasterCard and Visa have cut off the ability to pay donations to Wikileaks.
It's a moral thing.
Fear not! they will STILL donations through to the KKK, the National Front and others.
It's surprising to me that SECRET class information, supposedly capable of causing "serious damage to national security" if released, is available over SIPRNet to 3 million personnel as well as allies. No amount of auditing, DRM, penalties, or other mitigating measures is going to prevent at least one person in such an enormous group - larger than many cities - from exploiting their access for some reason. There's always someone with a grudge, someone with nothing to lose. This is exacerbated by indiscriminate classification of information that does not require secrecy, causing personnel to lose respect for the classification system.
One can make an analogy between this leak and some of the notorious published exploits of active systems - one of its immediate effects will be to force security improvements to SIPRNet like tighter access control. Which, despite the cost to efficiency, is a good thing, since in all likelihood some of those 3 million people are probably real spies engaged in real espionage, rather than just leaking the gossip of diplomats.
I doubt BitTorrent would have been a feasible alternative without an organization like Wikileaks. While the information will be disseminated quickly and decentrally once it is "in the cloud", the initial seeding process takes time until enough interested peers download the material, and in that time, the small number of seeds yields a narrow list of suspects.
Without a trustworthy intermediary, seeding a torrent comes with great personal risk.
(Another noteworthy aspect is that Bradly Manning was arrested after a tip from someone he bragged to - the whistleblower protection system would probably have worked if he had acted more cautiously.)
Not quite. Many prolific uploaders use seedboxes for this reason. A seedbox is a hosted server with a fast intenet connection that constantly uploads. A bittorrent leak group would just use seedboxes and connect to them over open/hacked wifi. Freenet,web sites and file hosting sites are also possible. Can use prepaid credit cards bought by third party for payment.
The main advantage of wikileaks is that they handle anonymization for their sources. Their sources can be safe without being security gurus if they just follow wikileaks directions.
Americans find these cables unremarkable, but for those of us who aren't Americans they're much more useful: we "knew" our leaders were craven fops selling us out, but these are the smoking guns. And this is actually having political consequences for said craven fops.
That is: these revelations are actually newsworthy content of the sort that one would expect from investigative journalism applied to government.
The intentional witholding information detrimental to free speech in contrast to a threat to the wellbeing of the state is unconstitutional!
@Clive Robinson so if Manning gets a court martial and the firing squad for releasing SC information shurly Libby who reveled SC information should get the same or greater punishment?
"... the firing squad for releasing SC information shurly Libby who reveled SC information should get the same or greater punishment?"
It is a question more people in the US should be asking their political leaders.
Esspecialy those leaders who are "mouthing off" and calling for the wikileaks "editor in charge" to suffer such sanctions and thus by inference asking for worse against the person who is accused of leaking the documents originaly...
Those making the calls for such sanctions appear to have "conveniently" forgoton the behaviour of the previous administration in the respect of leaking information for political ends.
And worse also that for the sake of a sound bite they are also open to being accused of trying to influence the outcome of a trial which is "perversion of the course of justice". Which seriously brings into question their competance to lead a school sports supporters club let alone a nation such as the US...
Further and whilst I'm not sure of the military legislation in the US such comments might in other areas cause not just a miss trial, but prevent a trial happening, as I doubt you could find a jury that had not heard either the "pretender" for Pressident or the previous runner for vice pressidents comments and can truthfully say they where not influenced by them.
I'm not in the US and I can truthfully say that their sound bites have certainly prejudiced my views on the whole subject.
Thus the politicaly motivated "sound bites" might concievably get the accused "off", which could come back to haunt the future political careers of those making the sound bites (if people are daft enough to alow them to have political careers after showing such poor judgment).
I need to "weasle out" at this point by saying I do not believe in the death penalty at all (I've seen to many miscarriages of justice in "politicaly" sensitive cases to have any faith in the legal system). Further that as I'm European not American and our political viewpoint is different (or has been in past times).
Also I need to mention that as reported at the time, the previous administration on leaving office apear to have put a block on any further action against the more senior of those involved in illegally outing an "agent/officer" for political reasons.
But we all should also remember that the outing by the previous administration was in no way anonymous (like the wikileaks editors appear to be trying to do) they named the individuals thus endangering not just the individuals life but those of their family, friends or those who have contact with them either knowingly or unknowingly. This is because the favourd assassination method these days appears to be by largish bomb or RPG's used in public places, to get past the close protection and armour in vehicles.
Simpler solution - don't classify stuff just because the contents might embarass a politician. Out of the ~250,000 cables, only about 15,000 were classified 'secret'. I would imagine most of those are secret for reasons of arse-covering rather 'national security'.
The overall impression so far is that US diplomats show an alarming mix or arrogance, ignorance and gullibility.
Hopefully the U.S. government is disseminating secrets that will lead to people it needs to eliminate being exposed for having obtained them, thus enabling them to plug security holes as they're discovered.
Realistically though who knows, if government contractors are chosen according to the cheapest bid rather than the best efficacy to secure digital data, then bargain-basement security invites leaks like a holed can of cat food on a lake bed invites catfish.
foosion: "The anonymous hackers are much more successful and blocking these web sites than anyone is doing of blocking wikileaks"
1. Power's in the hands where it actually belong - the hands of the people. Western democracies are working - thanks to that bad-bad-bad guy Assange and his bunch of criminals _everywhere_ - as Western democracies claiming they are and as they supposed to work.
2. No amount of dedicated professional workforce can overpower a limitless well of wisdom of people - just because that workforce's a part of people.
3. The governments are trying to work on Assange the same ways that Wikileaks' docs are showing: lies, brute force, blackmailing, violence. If they will succeed this time, they will fail next time. I'm really sorry for Assange as a person, may be the big-wigs will understand that murdering him will not work and will just forget about him. They have much bigger problems than bad publicity.
4. Next targets for the people: oppressive governments, leaders of religious and political fanatics (_not_ the fanatics - these will learn to gain and use their freedom, exactly as people in freer countries learned).
5. Next targets: corporate and financial sector: lies, blatant lies and statistics.
Making world better - one DDoS at a time.
I am tired of people trying to turn this into a free speech issue. Those who are currently lauding Assange's actions would most certainly not be doing so if Wikileaks were publishing private information about them, or private conversations between them and someone else.
I am a firm believer in freedom of speech (there is a good reason why it is enshrined in the FIRST amendment of the U.S. Constitution), but Wikileaks published stolen, classified documents, which fall under the category of private information. To publicly disclose illicitly obtained private documents is not the act of a hero, regardless of the contents of the documents or the supposed ideals of the discloser. Such actions are irresponsible at best.
For those thinking about being "pro-wikileaks actavists" be very carefull....
As some may know the "anonymous" group via it's AnonOps website and twitter pages has been encoraging people to download the "Low Orbit Ion Cannon" (LOIC) and use it in hive mind mode to perform DDoS attacks as part of a pseudo-botnet ( http://nakedsecurity.sophos.com/2010/12/09/... ).
Well LOIC is a stress test tool not a cracker tool and in no way makes attempts to hide the users identity ( http://www.simpleweb.org/reports/loic-report.pdf ).
And to demonstrate just what sort of trouble you could be in the Dutch Authorities have already arrested two teenagers who if prosecuted could be looking at six years in jail ( http://nakedsecurity.sophos.com/2010/12/12/... ).
This begs two questions, the first,
"Does the Anonymous group know what they are doing?"
And if "yes" the second question would be,
"Is the Annymous group a sting / entrapment operation?"
It accomplishes the further dissemination of classified data on unclassified networks. There's nothing overtly sinister about asking government employees to not access secret data on the Internet. It is what it is - common sense.
It's the civil servant's duty to maintain the secrets they have access to. Allowing them to go on sites with information posted on the Internet blatantly violates that responsibility.
I disagree. It's just to keep them from getting mixed up in something they should have avoided in the first place.
Above, I meant to say that it avoids further dissemination - not to further it. Sorry.
Here is another twist to the interpretation of the Wikileaks Effect...
America should give Assange a medal
By Gideon Rachman at Financial Times
For the European and Latin American left, just as for the Chinese or Russian nationalist right, it has long been all but assumed that whatever the Americans say publicly about their foreign policy is simply a cover story for some sort of secret agenda. What that agenda is can vary, according to taste - the interests of a powerful company (Halliburton!), the subversion of a leftwing government, the weakening of a rival nation. But whatever the Americans' secret agenda was held to be, they definitely had one - only the absurdly naive could believe otherwise.
And yet, after a fortnight of revelations, WikiLeaks has revealed that, remarkably enough, the public position taken by the US on any given issue is usually the private position as well. There are plenty of cables yet to be released - and perhaps there are some bombshells still out there. But the documents published over the past fortnight have provided very little evidence of double-dealing or bad faith in US foreign policy. Conspiracy theorists all over the world must be deeply disappointed.
The Americans say, in public, that they would like to build a strong relationship with China based on mutual interests - but that they are worried that some Chinese economic policies are damaging American workers. This turns out to be what they are saying in private, as well. In a cable predicting a more turbulent phase in US-Chinese relations, Jon Huntsman, the US ambassador, insists: ”We need to find ways to keep the relationship positive,” while ensuring that American workers benefit more. Many Chinese nationalists and netizens have developed elaborate theories about American plots to thwart China's rise. There is not a hint of this in WikiLeaks.
A question left hovering in the air, as Julian Assange returned to a London jail on Tuesday, is whether the mercurial founder of WikiLeaks has been disappointed to find his conspiratorial view of the world disproved by the very trove of documents he has leaked.
his elaborate guiding philosophy, which views government not so much as a public service as a set of highly organized plots against the people.
WikiLeaks, by passing documents from government whistleblowers to the media, is thought by Mr. Assange to be a tool with which people can decode that conspiracy and reveal and disable its central controls, he has said in a series of essays, interviews and statements.
The British newspaper The Guardian interviewed a number of Mr. Assange’s friends and WikiLeaks colleagues on Tuesday and found a group of increasingly skeptical supporters who see him as having embraced the libertarian, anti-government philosophy popular among many people employed in the information technology industry, but with a messianic streak.
The most interesting part of the story is the colossal weight of government and corporate censorship. Is this the beginning of the end of the dream for a freer, more open world through the internet?
Great piece, hopefully we can spend more time discussing the implications rather than debating the specific facts of the situation. Your last paragraph sums it all up.
Bill asks a question "Why wouldn't a properly implemented Enterprise Digital Rights Management application have made this breach more difficult to pull off?"
Well, no such thing exists. Or can exist in theory. Assuming, of course, that you want anything more than write-only documents.
And should you limit yourself to "practical level" of security, the documents would still be impossible to work with, making them mostly useless. Just like media files with DRM.
You describe technological constraints where the problem is best solved through process.
Firstly - Kill Assange and those directly involved with Wikileaks. No laws; no bull; just death by American operatives.
Secondly - Try Manning, convict him, execute him.
That will quell this attack upon America
of course the focus here is IT security but considering the spooky nature of the event, curiously there's next to no interest in the notion that the files may have been intentionally downloaded by an inside operative (other than patsy Pfc Mannly), then cherry-picked, doctored, and seeded into loads of useless fluff as a pointed intelligence operation, using Wikileaks as the deflected source for an attempt at a sophisticated disinformation psyop - even Brzezinski suggested it - see here -
I agree that the security of citizens was not affected by Wikileaks, but by the leak itself. The problem with Wikileaks is that it created a new convenient market for leaked documents; a market which may increase the appeal of low-risk data theft. And indeed, it could have been anyone else.
Starting December 19, 2010, http://dazzlepod.com/cable/ has started to revision control all the released WikiLeaks cables (1771 cables to date) and upcoming cables.
http://wikileaks.ch/ shows only the updated cables. With revision control, you can see the previous revisions of a cable to track its changes, e.g. names being censored?, potentially controversial section removed?, etc.
from SANS newsletter a sad/fun stupid action:
--Air Force Blocks Sites That Published Documents from WikiLeaks
(December 15, 2010)
The US Air Force has blocked employees' access to websites that
published sensitive documents released by WikiLeaks. Air Force
personnel cannot access The New York Times, The Guardian, Der Spiegel,
Le Monde or more than 20 other online publications from their government
computers. When they attempt to go to those sites, they instead see a
screen that says "Access denied: Internet usage is logged and
Some strange logic expressed by posters here, and elsewhere.
Americans who have *not* read the original material on Wikileaks, just "versions" on CNN and Fox, and claim they already knew.
Likewise the claim that only material damaging to America has been released.
Most amusing are those claims that the material released is fake.... um, right - so it's still "Espionage"?
No - it's a "Jewish" conspiracy! Because, contrary to the facts, it doesn't make Israel look bad.
Somehow Wikileaks is an attack on America? WTF? (pun intended). Material detailing manipulation of other countries, and attacks on other countries, is an "attack on America"?
Has any one considered that the majority of the funding for American espionage is *not* going to the CIA. The pie that used to be for the CIA has grown, and is now going to HS, TSA, and a number of private companies also. Perhaps, just perhaps, this dilution of power has prompted someone within the CIA to nudge a review of that situation? Note that little released makes the CIA look bad...
And Lamos? Seriously?
What, does "anyone" think he was just being a patriot?
The idea that JA does this because he wishes to increase the cost and difficulty of running a conspiracy (as originally written by him on iq.org) *is* supportable - but only if you actually follow the history of what Wikileaks has released - *not* what Time/NYT/Fox/CNN "says" has been released.
Should I be surprised in light of the percentage of Americans who fail the basic entrance requirements for the military are unable to form their own opinions?
No surprise that I don't believe that Toyota's take off, all on their own - *at the same time as American car manufacturers are struggling*.
No surprise that I don't believe that Fiat's take off, all on their own - *at the same time as American car manufacturers are struggling*.
But then (sigh) I live in a country where a major bank, and the main telecommunications carrier - both originally funded solely by the government (taxpayers) has been sold back to those same taxpayers!
The information era my a@#~!
Thank you for reciting the FOX line. You do yourself an injustice by not checking your facts. Had you done so it might have occurred to you that there is a difference between "privacy" and "conspiracy". Hopefully your emotional investment in your opinion will not bind you to that mistake.
And yes, Anonymous are a bunch of a/clowns - think of them as those that loot and riot (football hooligans) seeking legitimacy for their delinquency.
On a relevant, but lighter note: http://xkcd.com/834/
wtf? Most of you people are going on about security breaches. And how wikileaks leaked things that harm our security,cuz thats all the gov. propaganda(mediawhores)will or are allowed to talk about. Those leaks also exposed in the crooks own messages that they are corrupt and they lie regularly to the American public.(not that it wasnt already well known by any one that bothered to get their head outta there ass) And that was just a tiny sample. How many brain cells does it take to figure out that exposing the criminals is what wikileaks is about. They are up in arms saying wikileaks put our country in danger,and undermining our war efforts among other things.The last thing that the media whores are gonna say is that there is plenty of info in those Docs that show all the tragedies from and including 9/11on have been complete lies and fabrications, cuz if the public was ever told the truth they would lynch up most the politicians... I hate to tell you idiots that are more concerned with a security breach than the fact that it exposed our gov. mass murdered its own then sends our troops off to die on a wild goose chase in caves. Plus the clusterfuck they started in Iraq. And handing Us taxpayers the bill!!. UMMMM....we wouldnt even have to worry about anything that was said in those docs possibly hurting our troops or any other security if the Bush gang didnt LIE about Everything and start those wars... CUZ WE WOULDNT EVEN BE THERE!... i watched Bruce Schneiers talk about airport security and of course he is very sharp and logical in his thinking ...but one thing that realy makes me wonder was he was talking like he still thinks that terrorists flew those planes into the towers on 9/11 (could be its just what he has to say to get his security points across since 9\11 was the catalyst for the security he was talking about).... Realy the only people ive seen that still hold onto that are people that have an agenda like the mass media does(a paycheck), they believe the propaganda and cant be bothered with the truth cuz it will rock their belief system (which is the vast majority of the people) or some that care (like im sure Bruce does) but only see or choose to see what the mass media tells them or what they read in the daily paper. Remember people that the Biggest and Baddest Terrorists since at least WW2 has been the US Gov. Most of the rest of the world knows that well.. The only ones that dont know it are the American sheeple.
Breath, I say, breath son. You'll do yourself an injury.
Schneier.com is a personal website. Opinions expressed are not necessarily those of BT.